Note: The Site Administrator passwords are not affected by this complexity requirement.

passwordComplexityDescription

Set to a human-readable string describing the password complexity requirement. This string will be shown to the user when a password choice fails the complexity requirements set using the 'passwordComplexity' option. An example password complexity description is "Passwords must have at least 6 characters." If this value is not set but the 'passwordComplexityRegex' is, the user will be shown the 'passwordComplexityRegex' string instead.

passwordsRemembered

introduced in 8.2

This security setting determines the number of unique new passwords that have to be associated with a user account before an old password can be reused.

default: 0

maximumPasswordAgeDays

introduced in 8.2

This security setting determines the period of time (in days) that a password can be used before the system requires the user to change it.

default: 0 (no maximum)

minimumPasswordAgeDays

introduced in 8.2

This security setting determines the period of time (in days) that a password must be used before the user can change it.

default: 0

minimumPasswordLength

introduced in 8.2

This security setting determines the least number of characters that a password for a user account may contain.

default: 6

enforcePasswordComplexity

introduced in 8.2

If this policy is '1' or 'true', passwords must meet the following minimum requirements:

Not contain the user's account name or parts of the user's full name that exceed two consecutive characters

Be at least six characters in length (this setting and minimumPasswordLength can both be set, the effective minimum password length will be the higher of six and the value of minimumPasswordLength)

Contain characters from three of the following four categories:

English uppercase characters (A through Z)

English lowercase characters (a through z)

Base 10 digits (0 through 9)

Non-alphabetic characters (for example, !, $, #, %)

Complexity requirements are enforced when passwords are changed or created.

default: 0

accountLockoutThreshold

introduced in 8.2

Number of incorrect log on attempts for a username before locking the account for accountLockoutDurationSeconds

default: 5

accountLockoutDurationSeconds

introduced in 8.2

Number of seconds an account gets locked for after accountLockoutThreshold failed log on attempts

default: 30

loginTimeoutSeconds

introduced in 8.2

Number of seconds betweek asking for the authentication password for console users

default: [setting not configured, remove setting to only ask for password during console login. Add it set to 0 for 7.x to prompt for password each time.]